{"_id":"53fe81ecaddab8973c1af2c5","is_link":false,"user":"53fe6d8baddab8973c1af266","parentDoc":null,"version":{"_id":"53fe6dc5addab8973c1af26a","__v":19,"project":"53fe6dc5addab8973c1af267","createdAt":"2014-08-27T23:46:13.941Z","releaseDate":"2014-08-27T23:46:13.941Z","categories":["53fe6dc5addab8973c1af26b","53fe71a2addab8973c1af276","53fe7d89addab8973c1af2b0","53fe7d8daddab8973c1af2b1","53fe836faddab8973c1af2ce","53ff9a4823a37e1d5cebafe1","53ff9e3723a37e1d5cebaff7","53ffaca523a37e1d5cebb039","53ffad2e23a37e1d5cebb03c","5400c7d2ec93b29b61d4f7be","5400f0e1ec93b29b61d4f7dd","54d5636323010a0d001aca81","54d565c1276f8e0d00feab54","54ff40532882a10d00546927","556606d25561af0d008208b7","558c91900b236c2500d37c9a","56180a14f8c9632100ac7599","564fb3a59b4fab1700187518","5702e2d2f2d6f336005e901f"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"__v":4,"category":{"_id":"53fe7d89addab8973c1af2b0","__v":6,"version":"53fe6dc5addab8973c1af26a","pages":["53fe7e17addab8973c1af2bb","53fe80ebaddab8973c1af2be","54011f0ec1c1764f69827203","53fe8159addab8973c1af2c1","53fe81ecaddab8973c1af2c5","54d94b3c6a09052100a6b699","56d49a9da4a9211b00c8f118"],"project":"53fe6dc5addab8973c1af267","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2014-08-28T00:53:29.717Z","from_sync":false,"order":6,"slug":"logout-reference","title":"Logout Reference"},"tags":[],"comments":[],"project":"53fe6dc5addab8973c1af267","updates":["54104c0e5337746a5c0b7c34"],"next":{"pages":[],"description":""},"createdAt":"2014-08-28T01:12:12.387Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","try":true,"auth":"never","params":[],"url":""},"isReference":false,"order":4,"body":"# Settings the timestamp\n\nSetting up timestamped logins is simple. Wherever in your application code that you do the Clef OAuth handshake to log a user in, simply add a timestamp to the session.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"require 'httparty'\\nrequire 'json'\\n\\nbase_url = \\\"https://clef.io/api/v1/info\\\"\\nquery_string = \\\"?access_token=#{access_token}\\\"\\nurl = base_url + query_string\\n\\nresponse = HTTParty.get(url)\\n\\nif response['success']\\n    user_info = response\\n    # {\\n    #   info: {\\n    #     id: '12345',\\n    #     first_name: 'Jesse',\\n    #     last_name: 'Pollak',\\n    #     phone_number: '1234567890',\\n    #     email: 'jesse:::at:::getclef.com'\\n    #   },\\n    #   success: true\\n    # }\\n\\n    session[:clef_id] = user_info['info']['id']\\n    session[:logged_in_at] = Time.now\\nelse\\n    p response['error']\\nend\\n     \",\n      \"language\": \"ruby\"\n    },\n    {\n      \"code\": \"import requests\\nimport json\\n\\nbase_url = 'https://clef.io/api/v1/authorize'\\nquery_string = '?access_token=%s' % access_token\\nurl = base_url + query_string\\n\\nresponse = requests.get(url)\\njson_response = json.loads(response.text)\\n\\nif json_response.get('success', False):\\n    user_info = json_response\\n    # {\\n    #   info: {\\n    #     id: '12345',\\n    #     first_name: 'Jesse',\\n    #     last_name: 'Pollak',\\n    #     phone_number: '1234567890',\\n    #     email: 'jesse@getclef.com'\\n    #   },\\n    #   success: true\\n    # }\\n    session['clef_id'] = user_info['info']['id']\\n    session['logged_in_at'] = time.time()\\nelse:\\n    print json_response['error']\",\n      \"language\": \"python\"\n    },\n    {\n      \"code\": \"<?php\\n\\nsession_start();\\n\\n$opts = array('http' =>\\n            array(\\n                'method'  => 'GET'\\n            )\\n        );\\n\\n$base_url = 'https://clef.io/api/v1/info';\\n$query_string = '?access_token='.$access_token;\\n$url = $base_url.$query_string\\n\\n$context  = stream_context_create($opts);\\n$response = file_get_contents($url, false, $context);\\n$response = json_decode($response, true);\\n\\nif ($response && $response['success']) {\\n    // $response = {\\n    //   info: {\\n    //     id: '12345',\\n    //     first_name: 'Jesse',\\n    //     last_name: 'Pollak',\\n    //     phone_number: '1234567890',\\n    //     email: 'jesse@getclef.com'\\n    //   },\\n    //   success: true\\n    // }\\n\\n    $_SESSION['clef_id'] = $response['info']['id'];\\n    $_SESSION['logged_in_at'] = time();\\n} \\nelse {\\n    echo $response['error'];\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n# Comparing the timestamped login to the timestamped logout\n\nThe last step in implementing Logout with Clef is comparing the `logged_in_at` session variable to the user `logged_out_at` field. If `logged_out_at` is after `logged_in_at`, the user's session is no longer valid and they should be logged out of your application.\n\nWhere this check goes is reasonably framework specific, but it should always go where you load user information from the database, which you will use for the rendering of the web page you are about to show. In Rails and Sinatra, this may be in a `before_filter`, in Flask this may be in a decorator that wraps each route, and in PHP this may be in a `isUserLoggedIn` function, which is called at the beginning of every script.","excerpt":"","slug":"checking-timestamped-logins","type":"basic","title":"Checking time-stamped logins"}

Checking time-stamped logins


# Settings the timestamp Setting up timestamped logins is simple. Wherever in your application code that you do the Clef OAuth handshake to log a user in, simply add a timestamp to the session. [block:code] { "codes": [ { "code": "require 'httparty'\nrequire 'json'\n\nbase_url = \"https://clef.io/api/v1/info\"\nquery_string = \"?access_token=#{access_token}\"\nurl = base_url + query_string\n\nresponse = HTTParty.get(url)\n\nif response['success']\n user_info = response\n # {\n # info: {\n # id: '12345',\n # first_name: 'Jesse',\n # last_name: 'Pollak',\n # phone_number: '1234567890',\n # email: 'jesse@getclef.com'\n # },\n # success: true\n # }\n\n session[:clef_id] = user_info['info']['id']\n session[:logged_in_at] = Time.now\nelse\n p response['error']\nend\n ", "language": "ruby" }, { "code": "import requests\nimport json\n\nbase_url = 'https://clef.io/api/v1/authorize'\nquery_string = '?access_token=%s' % access_token\nurl = base_url + query_string\n\nresponse = requests.get(url)\njson_response = json.loads(response.text)\n\nif json_response.get('success', False):\n user_info = json_response\n # {\n # info: {\n # id: '12345',\n # first_name: 'Jesse',\n # last_name: 'Pollak',\n # phone_number: '1234567890',\n # email: 'jesse@getclef.com'\n # },\n # success: true\n # }\n session['clef_id'] = user_info['info']['id']\n session['logged_in_at'] = time.time()\nelse:\n print json_response['error']", "language": "python" }, { "code": "<?php\n\nsession_start();\n\n$opts = array('http' =>\n array(\n 'method' => 'GET'\n )\n );\n\n$base_url = 'https://clef.io/api/v1/info';\n$query_string = '?access_token='.$access_token;\n$url = $base_url.$query_string\n\n$context = stream_context_create($opts);\n$response = file_get_contents($url, false, $context);\n$response = json_decode($response, true);\n\nif ($response && $response['success']) {\n // $response = {\n // info: {\n // id: '12345',\n // first_name: 'Jesse',\n // last_name: 'Pollak',\n // phone_number: '1234567890',\n // email: 'jesse@getclef.com'\n // },\n // success: true\n // }\n\n $_SESSION['clef_id'] = $response['info']['id'];\n $_SESSION['logged_in_at'] = time();\n} \nelse {\n echo $response['error'];\n}", "language": "php" } ] } [/block] # Comparing the timestamped login to the timestamped logout The last step in implementing Logout with Clef is comparing the `logged_in_at` session variable to the user `logged_out_at` field. If `logged_out_at` is after `logged_in_at`, the user's session is no longer valid and they should be logged out of your application. Where this check goes is reasonably framework specific, but it should always go where you load user information from the database, which you will use for the rendering of the web page you are about to show. In Rails and Sinatra, this may be in a `before_filter`, in Flask this may be in a decorator that wraps each route, and in PHP this may be in a `isUserLoggedIn` function, which is called at the beginning of every script.